SSL encrypts web traffic to ensure user information and accounts are protected against hijacking, especially over unsecured Wi-Fi network. Most web browsers display a padlock symbol when it is in use and website addresses are prepended with https://, representing the use of Hypertext Transfer Protocol Secure (HTTPS), which is a combination of the Hypertext Transfer Protocol with SSL.

Google had rolled out encryption for web searches in May this year, but had not made it the default option. It is likely that many users who are unaware of the security risks associated with connecting to unsecured networks are also unaware of the benefits of turning on SSL, or even how to do so, and could be the most vulnerable.

Encryption is only on by default for users who are signed in. Users signed out or without Google accounts have to navigate to https://www.google.com if they want the added protection. Additionally, it appears that some regional-based versions of the SSL-enabled search engine aren't yet online, with https://www.google.com.au reverting to the Australian version of Google without SSL encryption.

Previously, SSL was only used to encrypt traffic when users logged in to sites to protect usernames and passwords. However, with tools such as Firesheep, malicious users were able to trivially hijack users' accounts without knowing the username or password if the entire session wasn't encrypted.